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1  Introduction 


One  of  the  most  attractive  program  development  methods  is  transformational  pro¬ 
gramming.  In  this  report  we  explore  transformation  oriented  language  design.  We 
start  with  the  assumptions  that 

1.  Programs  are  to  be  initially  written  as  straightforward,  understandable,  exe¬ 
cutable  specifications.  More  efficient,  but  probably  less  readable,  programs  are 
derived  through  correctness  preserving  transformations. 

2.  Functional  and  relational  operators  provide  an  appropriate  context  for  specifi¬ 
cations.  They  have  the  algebraic  properties  required  for  the  transformations. 

The  central  contribution  is  the  application  of  Tarski's  RA  and  Q-relation  algebras 
[1]  to  program  transformation.  We  find  the  notation  is  a  convenient  combination  of 
logic  programming  and  functional  programming  This  middle  ground  has  the  express- 
ibilityof  the  former  and  the  manipulability  of  the  latter  because  it  provides  for  higher 
order  operations  in  a  first  order  way.  A  key  contribution  is  a  single  operator  for  linear 
recursions  over  regularly  structured  objects  along  with  equations  for  merging  loops 
and  propagating  constraints. 


2  Motivation 


Operators  have  been  largely  ignored  in  logic  programming  languages.  In  general  the 
greater  the  amount  of  pattern  directed  invocation  of  procedures  there  is  in  a  language, 
the  less  the  dependence  on  operators.  This  need  not  and  should  not  be  the  case  as 
both  concepts  are  an  important  part  of  modern  programming  languages,  and  operators 
help  reason  about  programs  at  a  high  level. 

An  operator  in  Prolog  is  a  program  clause,  describing  an  n-ary  relation,  with  a 
variable  that  is  called  as  a  predicate  in  the  body  of  the  clause.  Warren  [2]  described 
how  to  define  higher  order  operators  in  Prolog  and  argued  that  extending  the  Prolog 
language  definition  to  include  them  was,  in  large  part,  unnecessary.  Indeed,  their 
definitions  are  simple  but  they  are  awkward  to  use. 

For  example,  the  following  Prolog  program  defines  a  4  argument  relation  iterate 
and  exhibits  the  difficulties  with  higher  order  operators  in  Prolog.  The  first  argument 
of  iterate  is  a  sequence  and  the  second,  F,  is  a  predicate  of  3  arguments.  The  third 
argument,  Z,  is  normally  a  right  identity  for  F  although  this  is  not  required.  It  is 
the  answer  supplied  when  iterated  over  an  empty  list.  Finally,  the  last  argument  for 
iterate  is  the  result 
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Example  1  A  Prolog  iterate  operator 


iterated  ],F,Z,Z). 
iterate([X\L],F,Z,Y)  :  - 
iterate(L,  F,  Z,  V'o), 

F(X,Y0,Y). 


Operators  defined  this  way  are  not  often  directly  applicable  as  there  is  no  con¬ 
vention  about  the  number  of  arguments  in  a  predicate.  In  particular,  iterate  expecis 
a  function,  such  as  plus,  with  exactly  three  arguments  such  that  the  first  two  are 
different  ‘inputs'  and  the  third  is  an  answer.  Secondly,  lists  are  ‘wired  into'  the  first 
argument.  For  example,  it  cannot  be  used  to  generate  the  first  N  integers  such  as 
with  APL’s  iota.  Finally,  this  operator  does  not  describe  all  iterations  over  lists.  An 
example  is  map  which  applies  the  same  function  in  a  one-to-one  fashion  to  each  item 
of  a  list.  Each  of  these  linear  recursions  requires  a  new  definition  and  a  combinatorial 
increase  in  the  effort  to  reason  about  their  combinations. 

If  a  program  construct  is  to  be  manipulated  then  it  must  satisfy  some  algebraic 
properties.  These  properties  are  most  applicable  if  the  construct  is  abstractly  defined, 
independently  of  a  model.  The  following  preliminaries  are  model  independent. 


3  Preliminaries 


We  will  interpret  the  notation  as  both  mathematical  symbols  and  as  program  con¬ 
structs  but  recognize  that  the  two  are  distinct.  Within  definitions  and  arguments 
for  correctness  we  follow  Tarski’s  extended  predicate  logic  £+  [1].  Propositions  are 
statements  of  the  algebraic  properties  of  relation  operators.  However,  definitions  are 
also  interpreted  as  program  clauses  and  propositions  as  properties  of  program  forming 
operations  We  view  every  program  as  a  relation  between  inputs  and  outputs  with 
the  proviso  that  the  viewpoint  can  be  reversed,  when  feasible,  to  construct  inputs 
from  outputs  These  transformations  reduce  the  size  of  the  computation  tree  and  are 
applicable  to  both  sequential  and  OR-parallel  computations  if  conjuctions  of  subgoals 
are  solved  from  left  to  right. 

The  algebraic  terminology  categorizes  a  portion  of  the  large  collection  of  relation 
equations.  It  also  helps  describe  algorithms  abstractly,  independently  of  a  model  The 
most  specific  structures  are  relation  algebras  and  Q-relation  algebras  as  described  in 
[1],  Table  1  is  a  summary  of  notation. 
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Symbol 
A  —  Z 
a  —  z 
T 
S 

5(5) 

A 

V 


3 

V 


Meaning 

variables 

constants  or  function  symbols 

set  of  terms 

set  of  ground  terms 

set  of  binary  relations  on  S 

logical  and 

logical  or 

logical  negation 

existential  quantifier 

universal  quantifier 

if  and  only  if 

is  provable  if 

defined  or  proved  equivalent  to 
ordered  couple 


Table  1:  Summary  of  notation 


The  theory  of  relations  is  one  of  the  most  developed  branches  of  logic[l ,3.4]  In 
particular,  the  calculus  of  binary  relations  follows  the  well  understood  laws  of  Boolean 
algebra. 

A  Boolean  algebra  is  a  structure  {£/,  U,— ).  Although  there  are  no  implicit  assump¬ 
tions  about  the  underlying  universe  U ,  we  are  most  interested  in  algebras  defined  on 
B(S).  The  following  is  an  sample  axiomatization. 

(XuY)VZsXu(YvZ),  (1) 

XuysVuA’,  (2) 

X  =  (XuV)uIuF.  (3) 


A  relation  algebra  is  a  structure  (U,  U,  ,  o,”,  id).  The  common  language  describes 
these  operations  as  union,  complementation,  composition,  converse,  and  the  iden¬ 
tity.  A  summary  of  the  relation  operators  appears  in  Table  2.  The  following  is  an 
axiomatization  for  RA  [1,5] 


(FUG)UW  s  FU(GuH), 
F  U  G  =  G  U  F, 

F  =  (FUG)U(FU  C), 


(4) 

(5) 

(6) 
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Relation  Symbol 
<t> 

u> 

Ru  S 

Rns 

ROS 

RoS 

R 

R~ 

R’ 

im 

*  (D.S.C) 

id 

di 

hd 

tl 


Meaning 
empty  relation 
universal  relation 
union  of  relations 
intersection  of  relations 
ordered  coupler  of  relations 
relative  product  or  composition 
complement  of  the  relation  R 
converse  of  a  relation 
monoid  closure  of  R 
relational  constructor  of  couples 
linear  recursion 
identity  relation 
diversity  relation 
first  conjugated  projection 
second  conjugated  projection 


Table  2:  Summary  of  Relations  and  Relation  Operators 


Fo(G°  H)  =  (FoG)o  H, 

(") 

(FuC)oH  s  FoHVGoH, 

(?) 

F  c  id  =  F, 

(9) 

F~=  F, 

(10) 

(F  U  G)'  =  F~  U  G~, 

(11) 

{F  oG)'=  G~o  F~. 

(12) 

F~cFcGJG  =  G. 

(13) 

From  these  fundamental  operations  we  can  abstractly  define  other  relations  and 
relation  operators.  Positive,  logical  definitions  of  intersection  FnC  and  the  universal 
relation  w  are  preferred.  They  are  more  easily  implemented  and  constructive  proofs 
are  more  intuitive.  Implementation  considerations  for  negations  such  as  complement 
and  diversity  di  are  discussed  in  the  next  section. 


yr\G=  FUG, 
u>  =  id  U  id, 

<t>  =  w, 


(14) 

(15) 

(16) 
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di  =  id.  (17) 

It  is  easy,  but  tedious,  to  check  that  the  following  logical  definitions  for  these  relation 
operators  satisfy  the  properties  of  an  RA. 

VA'Y{A'  (F  n  G)  Y  -  A  F  Y  A  A’  G  V),  (18) 

VA'Y {A’  (F  U  G)  Y  ~  A'  F  Y  V  A'  G  >'},  (19) 

VAT  {A'  (F  o  G)  Y  ~  3{ZX  F  Z  AZ  GY)),  (20) 

VAT{A’ry«y  fa'),  (21 ) 

VA'{A  id  A } ,  (22) 

VAT  {A  w  Y),  (23) 

VAl'(AFy-^AFy),  (24) 

VA'V {A  di  Y  ~  ->(A'  idY).  (25) 


Other  simple  properties  of  union  and  intersection  follow. 


A  \J<p  =  A, 

(26) 

d>u  A  =  A, 

(27) 

(Ar\B)r)C  =  An(BnC). 

(28) 

A  tlw  =  A, 

(29) 

ui  n  A  =  A. 

(30) 

For  any  given  RA  —  (U ,  U.fl,  ,  <t>,u),  two  elements  a,  6  are  called  conjugated  quastpro- 
jections  if  a'  o  a  C  id,  fc'o  b  C  id,  and  a'ob  =  u.  An  RA  is  called  a  Q-relation  algebra 
if  its  universe  contains  some  conjugated  quasiprojections. 

These  definitions  say  nothing  about  the  intended  realization,  and  their  abstractness 
is  what  makes  them  appropriate  for  describing  broadly  applicable  operations.  In  [1] 
the  intended  interpretation  is  encapsulated  into  a  membership  relation  E.  All  laws  of 
RA  and  a  Q-relation  algebra  hold  for  any  definition  of  E,  and  E  connects  the  abstract 
relation  algebras  with  a  particular  universe  over  which  the  relations  are  to  range. 

In  particular,  a  Q-relation  algebra  defined  over  a  nontrivial  universe  contains  or¬ 
dered  pairs  or  couples  and  the  conjugated  quasiprojections  suggest  that  there  are  tools 
for  selecting  components  of  these  couples.  We  define  two  such  selectors  over  ordered 
couples  called  conjugated  projections  and  represent  them  by  hd  and  tl. 


VAT{[A|Y]  hd  A), 
VAT{[A’|Y]  tl  Y). 


(31) 

(32) 


Note  that  they  satisfy  hd'ohd  =  id,iF  otl  =  id ,  and  hd~  otl  =  w.  Thus  they  qualify  as 
conjugated  quasiprojections.  These  projections  select  components  of  ordered  couples 
The  following  operators  construct  or  perform  related  functions  on  couples 


(F|G']  =  (fo/»<nn(Got/-)1  (33, 

FOG  =  [hdo  F|f(  o  G]  (3-1  i 

The  following  properties  hold  for  construction  and  coupling  operators  They  all  have 
similar  proofs 

(FUG|W]=  [f|W]u[G|//].  (35.1 

[F|CU  H)  =  [F|G]U[F|W].  (36) 

!F|G]n[//|A']  =  [( F  O  H)\(G  n  A')].  (37) 

(FOG)o(HOK)  =  (FoH)O(GoK).  (3m 

(FOG  o  W)o(ROS)  =  (FOG)  o(RO\V  oS).  (39) 

(F  oWOG)o(ROS)  =  (FOG)o(W  o  ROS).  (40, 

(FOG)'  =  (F'OG’).  (41) 

(FUG)OH  =  (FOH  UGOH).  (42, 

FO(G'J  H)=  (FOGu  FOR).  (43! 

(FOG)n(HOK)  =  (FnH)O(GnK).  (44  i 


4  Application  to  programs 

The  logical  definitions  of  U.  H,  o, ",  hd.  /(,□,[  |  ],  id,  and  -  (18-23)  suggest  an  obvious 
implementation  with  an  SLD- resolution  logic  programming  system  in  the  logic  of 
predicates  of  three  variables  For  example,  the  goal  X  R  Y  would  be  represented  as 
p(X .  R,Y).  Diversity  and  complement  are  discussed  in  section  4  1 

Note  that  no  sentence  introduces  variables  into  the  relation  argument  Thus  every 
literal  in  the  body  of  a  program  clause  of  the  form  p(X,R,Y)  will  contain  onlv  vari¬ 
ables  R  that  were  named  in  the  clause  head.  Therefore  if  a  gca!  is  p{X .R.Y)  where  R 
is  ground,  then  every  relation  argument  in  every  subgoal  will  be  ground  We  require 
that  R  be  selected  from  a  finite  number  of  possible  relations  and  relational  constructs 

We  shall  read  R  =  S  as  ‘R  is  equivalent  to,  but  should  be  rewritten  as,  5.'  But  this 
is  represented  in  a  logic  program  as  the  clause  p(A\  R,  Y)  :  -p(A\  S,  V).  Conjunctions 
are  solved  from  left  to  right.  Our  intent  is  to  match  control  with  the  order  in  which 
variables  are  bound.  Therefore  we  partition  the  arguments  of  a  relation  into  two 
structured  components,  an  ‘input'  and  an  ‘output.'  Predicates  of  single  arguments 
are  extended  to  two  arguments,  both  of  which  are  the  same  value 
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The  FP  systems  of  Backus  [6]  also  depend  upon  operators,  particularly  composi¬ 
tion,  to  form  more  complex  programs  out  of  simpler  ones.  Berghammer  and  Ziever  [7] 
have  given  a  relation  algebra  semantics  for  FP-like  languages  Mili,  Desharnais,  and 
Mill  [8]  have  given  heuristics  for  the  design  of  deterministic  programs  from  relational 
equations.  This  paper  describes  a  transformation  system  based  on  the  operators, 
relations,  and  equations  of  a  Q-re!ation  algebra 


4.1  Diversity  and  Complement 

The  identity  A'  id  Y  requires  unification  of  terms  A'  and  Y.  The  diversity  relation 
depends  on  antiunification  [9]  and  is  denoted  A  di  B  If  A  and  B  are  both  ground 
constants  then  A  di  B  will  fail  or  succeed  depending  on  whether  they  are  the  same 
or  different  constants  On  the  other  hand,  if  they  contain  unbound  variables  then  the 
environment  is  extended  to  include  that  information  as  inequality  constraints. 

Terms  with  structure  are  solved  recursively  in  a  manner  similar  to  unification  If 
the  two  terms  A  and  B  have  either  different  principal  functors  or  dilierent  numbers  of 
arguments  then  antiunification  succeeds  without  new  inequality  constraints  On  the 
other  hand,  with  the  same  principal  functor  and,  say  A',  arguments,  diversity  in  any 
argument  is  enough  for  antiunification  to  succeed  Thus  possibly  A'  new  choice  points 
are  created  by  recursing  the  algorithm  on  these  arguments  If  one  of  the  corresponding 
pairs  of  arguments  can  be  determined  to  be  different  then  no  other  alternatives  need 
be  considered  as  the  algorithm  terminates  successfully 

For  example,  consider  the  problem  f(X,g(a))  di  f(v,g(Y)).  The  two  solutions 
(inequality  constraints)  are  A’  5^  u  and  >’  ^  a.  On  the  other  hand,  the  subgoal 
/(A  .  a)  d  1  f(Y,b)  succeeds  with  no  new  inequality  constraints. 

Negation  as  finite  failure  cannot  compute  a  complement.  The  goal  SA’T,  A’  R  Y  is 
equivalent  to  3AF,  ->A’  R  )'  but  negation  by  failure  instead  determines  ->(3XY,  X  R  Y). 
A  1th  ough  negation  as  finite  failure  has  the  usual  logical  interpretation  for  ground  goals 
[10]  iri  the  face  of  transformation  we  cannot  be  assured  that  a  variable  will  be  ground. 

Constructive  negation  is  an  alternative  to  negation  by  failure.  The  elements  of 
R  are  not  actually  constructed,  but  instead  the  resolution  procedure  is  extended 
with  inequality  constraints.  Thus,  solutions  to  nonground,  negative  subgoals  are 
constructed  as  a  set  of  inequality  constraints.  Constructive  negation  has  both  a  clean 
semantics  and  the  advantage  of  speeding  up  some  computations  [1 1], 

Although  relation  complement  is  expressive,  it  is  not  monotonic  because  R  C  S 
does  not  imply  R  C  5  Transformations  on  programs  built  with  R  may  become  invalid 
if  R  is  extended  We  will  depend  most  heavily  upon  the  other  relation  operators 
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including  the  diversity  relation  and  avoid  relation  complement  when  possible. 


4.2  Sequence  construction  and  selection 

A  convenient  way  of  sharing  an  input  to  more  than  one  function  is  with  Backus' 
constructor  functional.  We  defined  a  similar  constructor  operation  on  relations  The 
ordered  coupling  operator  creates  an  ordered  couple  as  an  output  from  a  pair  of  inputs 
in  a  one  to  one  fashion.  Both  operations  are  strict.  While  complex  structures  are  made 
with  constructors,  they  are  taken  apart  with  hd  and  tl.  These  are  called  selectors  by 
Backus[6],  Selectors  disassemble  what  the  constructors  and  ordered  couplers  build 

While  success  of  A’  hd  o  F  Y  indicates  A’  is  a  couple,  A’  hd  o  G  Y  would  not  fail 
immediately  as  A’  hd  Z  would  be  delayed  until  Z  were  bound.  Thus  we  need  a  model 
of  lists  with  a  special  symbol  such  as  (  ]  to  indicate  the  end  of  list .  A  sequence  of  one 
element  A  will  be  represented  as  [A],  that  is  [,4|B]  where  B  =  [  J.  The  function  null 
tests  sequences  for  emptiness  and  is  an  identity  on  [  ].  That  is,  null  is  just  the  single 
pair  [  ].  [  ]. 

We  also  define  a  relation  to  deposit  this  symbol  into  a  list  construction  This  empty 
sequencer  is  a  constant  function  that  ignores  domain  elements,  returning  the  object 
( ]  We  also  represent  this  function  with  the  symbol  [  ).  It  is  defined  as  [  ]  =  »■  o  null 
The  following  are  some  simple  properties  of  null  and  [  ] 


[A(jB]  o  null  =  <(>, 

(45) 

(.4DB)  o  null  =  4>, 

(46) 

null  o  ( AOB )  =  d>. 

(47) 

[  ]  o  null  =  []. 

(48) 

[A\B]  =  [null  o  Ajnull  o  BJ. 

(49) 

5  Linear  recursion 


The  closure  of  a  relation  R  is  R  repeatedly  composed  with  itself  and  is  defined  as 
R‘  =  idu  RoR‘ .  Consider  the  program  that  finds  the  greatest  common  divisor  of  two 
numbers  Here  the  realization  is  the  natural  numbers  and  subtract  is  defined  onl\  on 
that  set  Thus  [3|5]  subtract  V  would  fail  but  [5|3]  subtract  2  succeeds. 
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Example  2  Greatest  common  divisor 


gcd  =  (( id  U  [t/|/itf])  o  [sufctrari  ]</])*  o  (hd  fl  tl). 

This  simple  program  starts  with  two  numbers  and  continually  subtracts  the  second 
number  from  the  first  until  the  numbers  are  the  same.  If  necessary,  it  reorders  the 
numbers  so  that  the  largest  is  first.  A  trace  of  the  computation  on  the  couple  [6|18] 
is  (6|  1 8]  =>  [  1 8 1 6]  =>  [12|6]  =>  [6|6]  =i>  6.  The  monoid  closure  is  not  expressive  enough 
and  is  naturally  oriented  to  a  universe  of  elements  without  structure.  We  define  a 
linear  recursion  operator  that  extends  the  effect  of  the  ordered  coupler  to  lists  and 
list-like  structures  This  operator  divides  the  structure  into  a  couple  with  D,  solves 
for  base  cases  with  5,  then  combines  the  elements  of  a  couple  with  C. 

it [D.  S,C)  =  SUDo  (idDit{D,  S,  C))  o  C.  (50) 

We  can  define  monoid  closure  with  it  as  /?*  =  »([w[/?],  id,  tl).  Also,  we  can  define 
map  to  apply  the  effect  of  a  relation  to  each  item  of  a  sequence.  Thus  for  example, 
the  goal  [2,3]  map(idUsu61)  Y  has  four  solutions  for  Y.  The  solutions  would  be 
V  =  {[2, 3],  [2, 2],  [1,3],  [1,2]}.  The  definition  is 

map(R)  -  ir{id,null,  ROid).  (51) 

In  our  relations  we  collect  inputs  into  a  single  structured  input  For  example,  the  Pro¬ 
log  goal  append(A,  B ,  C)  is  written  as  [ A\B ]  append  C.  On  the  other  hand,  predicates 
of  a  single  argument  become  two  argument,  subrelations  of  the  identity.  An  example 
is  3  odd  3.  These  extensions  are  important  because  they  allow  us  to  use  higher  order 
operators  with  Boolean  valued  relations  to  define  new  predicate  operators. 

All  recursions  that  follow  will  be  given  in  terms  of  *.  They  are  preliminary  to 
the  example  transformations.  The  next  definition  is  the  function  that  cumulatively 
concatenates  a  sequence  of  sequences. 

cone  =  it  {id,  null,  append),  (52) 

append  =  ?r((/id  o  hd|t/Oid],  (nu/lOtcf)  o  tl,  id).  (53) 

We  can  couple  an  item  to  each  element  of  a  sequence  with  either  distr  or  distl  as  in 
[6]  These  functions  can  be  simply  defined  in  terms  of  it  and  the  definitions  expose 
their  inherent  symmetry. 

distr  =  ir([hdOid\ilOid),hdo  null,id),  (54) 

distl  =  ir([idOhd\idOtl],  tl  o  null,  id).  (55) 

To  see  what  is  happening  here  consider,  for  example,  the  function  distr.  It  inputs  an 
ordered  couple,  a  sequence  and  an  item.  The  result  is  a  sequence  of  couples  each  of 
which  has  the  given  item  as  a  second  component.  Schematically  this  is 


Pi,  ■  •  • ,  An)\C]  distr  p,  \C[,  [ Ai\C] ,  •  •  • ,  [A*iq]. 


Many  relations  can  now  be  concisely  defined  in  a  single  expression.  For  example,  we 
can  define  member  on  a  couple,  an  element  and  a  sequence.  Thus  member  is  simply 
a  predicate  (an  identity)  that  tests  the  element  for  membership  in  the  sequence.  For 
example  both  ([3|[2,  3, 4]]  member  [3|[2, 3, 4]])  and  ([3|[5]]  nonmember  [3| [5]] )  are  true. 


select  =  x(id,hd,tl).  (56) 

member  =  [hd  D  (tl  o  select)\tl}.  (57) 

nonmember  =  [hd\distl  o  map((hd  o  di)  fit/)].  (58) 


The  following  equations  characterize  not  only  some  forms  of  loop  merging  but  can 
also  propagate  constraints.  Since  control  is  left  to  right,  constraints  on  search  are  best 
performed  as  soon  as  possible.  The  following  equation  enables  further  propagation  of 
constraints. 


Proposition  1  Merging  linear  recursions. 

■» 

v(D,S  o  null ,  id)  o  x (id,  null  oT,C)  =  x(D,  S  o  null  oT,C). 

The  proof  is  by  induction  over  relations  defined  on  a  well  founded  set.  We  unfo  <' 
each  x-term  in  the  expression  x(D,  S  o  null,  id)  o  x(id,  null  o  T,  C)  to  arrive  at 

(S  o  null  U  D  o  («dDx(D,  S  o  null,  id)))  o  (null  oJ'U  (idOx(id,  null  o  T,  C))  o  C). 
Equations  46  and  47  eliminate  the  cross  terms  to  give 

S  o  null  o  null  o  7~U  D  o  (idDx(Z?,  S  o  null,  id))  o  ((idOx(id,  null  o  T ,  C))  o  C). 
Now  we  can  apply  38  to  bring  the  two  x-terms  together. 

5  o  null  0TUD0  (idOx(D,  S  o  null,  id)  o  x(id,  null  o  T,  C))  o  C. 


Applying  the  induction  hypothesis  we  now  have 
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S  o  null  o  T  U  D  o  (idO*(D,  S  o  null  o  T,  C))  o  C. 

Folding,  ve  have  ir(D,S  o  null,  id)  o  it(id,  null  o  T,C)  =  *(D,  S  o  null  o  T,  C). 


Proposition  2  Propagation  of  constraints. 


r(D,  S ,  (RDid)  o  C)=  *(D  o  (RDid),  S,  C). 

Again  D  must  map  a  well  founded  set  into  lists.  By  induction  and  equation  34 


rr(D.  5,  ( ROid )  o  C)  =SuDo  (tdCbr(D,  S,  (ftDr'rf)  o  C))  o  (flOid)  o  C, 

=  S  U  D  o  (ROid)  o  (idOx(D,  SAROid )  O  C))  0  c, 

=  S  U  D  o  (RDid)  o  (idDrr(D  o  (ROid),  S,  C))  o  C, 

=  *(Do(ROid),S,C). 

The  relation  R  has  changed  positions.  Now  ROid  tests  on  the  way  down,  before  any 
large  structure  has  been  built,  instead  of  on  the  way  back  up.  A  simple  consequence  is 
the  equation  map(F)  o  map(G)  =  map(F  oG).  This  follows  from  these  two  equations 
and  the  fact  that  map(R)  =  r(id,  null,  ROid). 

If  a  concatenation  of  sequences  is  required  to  be  empty,  we  can  avoid  the  concate¬ 
nation  by  requiring  that  each  subsequence  of  the  sequence  be  empty. 

conconu//  =  map(titj/i)o[],  (59) 

This  rule  follows  by  induction  from  the  definitions  of  cone,  null,  and  map  with  equa¬ 
tions  8,  49,  39,  and  40. 


6  Transformations 


We  use  the  equations  developed  here  to  automatically  accomplish  a  nontrivial  program 
transformation  that  is  interesting  for  two  reasons.  Primarily,  it  does  not  rely  on  the 
Burstall  and  Darlington  fold/unfold  technique  [12]  but  is  instead  directed  by  the 
operator  definitions  and  equations  between  relations.  Therefore  the  method  is  easily 
mechanized.  Secondly,  unlike  Hogger’s  techniques  [13],  it  is  carried  out  using  relation 
level  reasoning  without  resorting  to  object  level  variables.  This  saves  symbols  and 
makes  the  derivation  more  concise  and  broadly  applicable. 
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The  problem  has  two  parts.  The  first  part  finds  the  list  intersection  of  two  lists. 
We  may  consider  this  program  as  a  trivial  example  of  a  library  program.  Library 
programs  may  well  be  written  efficiently  but  combinations  are  often  inefficient.  If 
two  programs  are  written  so  that  constraints  are  applied  as  early  as  possible,  before 
alternatives  are  created,  the  composition  may  have  some  constraints  that  are  applied 
too  late. 

A  programmer  should  not  expect  to  be  penalized  with  the  inefficiencies  of  library 
programs.  Our  second  program  exhibits  this  problem.  It  is  a  clear,  easy  to  under¬ 
stand  program  that  simply  tests  to  see  if  two  sequences  are  disjoint.  Using  the  rules 
developed  earlier,  we  remove  the  inefficiencies  in  that  program. 


6.1  Disjointedness  as  empty  intersection 

The  first  part  of  this  program  finds  the  intersections  of  two  lists  by  distributing  one 
list  over  the  elements  of  the  other,  then  finding  those  other  elements  that  are  members 
of  the  list. 

list-intersect  £  distr  o  map(member  o  [fid]  U  nonmember  o  [  ])  o  cone.  (60) 

The  program  disjoint  determines  if  two  lists  are  disjoint  by  simply  testing  for  an 
empty  intersection.  To  return  a  positive  answer  we  extend  the  model  with  the  identity 
relation  on  the  constant  yes.  As  defined,  this  program  is  unnecessarily  inefficient 
although  it  is  understandable  in  terms  of  its  parts. 

disjoint  =  list. intersect  o  null  ow  o  yes.  (61) 


The  transformation  system  applies  the  relation  equations  outwards  in,  from  left 
to  right.  After  each  successful  rewrite  the  enclosing  expression  is  attempted  before 
deeper  optimization  is  done  to  the  subexpressions^-!].  The  first  two  recursions  are 
within  the  definition  of  list-intersect.  Let  buildonc  represent  the  expression  membero 
[fid]  U  nonmember  o  [  ].  Then, 


lisi-intersect  o  null  =  distr  o  map(buildone)  o  cone  o  null. 


We  direct  our  attention  to  the  two  recursions  in  dist r  o  map(bui/donc)  Both  distr  and 
map  are  defined  with  tr  so  we  merge  and  simplify  them. 
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distr  o  map(buildone)  =  ir([/idO»d|//Otd],  hd  o  null,  id)  o  map(buildone), 

—  ir([/idOidj</Oid],  hd  o  null,  id)  o  w(id ,  null,  buildoneOid), 
=  jr([/idO»dj//Otd],  hd o  null,  buildoneOid), 

=  jr([/idmid|</Oid]  o  ( buildoneOid ),  /id  o  nu//,  id), 

=  »r([/idQtd  o  6ut7done|//Did  o  id),  hd o  null,  id), 

=  ir([/idDid  o  />ui7done|</Did],  /id  o  nu//,  id). 

Next,  cone  o  null  is  expanded  to  map{nui/)o[  ]  which  is  * (id,  null,  nullOid)  o  [  ].  Thus 
list. intersect  o  null  is  now  two  recursions  followed  by  [  ].  This  is 

ir([hdOid  o  buildone\tlOid],  hd  o  null,  id)  o  *(id,  null,  nullOid)  o  [  ]. 

Once  again  we  merge  recursions  and  propagate  constraints  to  obtain 


list.interscct  o  null  =  ir([/idClid  o  buildone\tlOid\,  hd  o  null,  nullOid )  o  [  ], 

=  x([hdOid  o  buildone\tlOid]  o  nullOid,  hd o  null,  id)  o  [  ], 

=  ir([/idDid  o  buildone  o  null\tlDid  o  id],  hd  o  null,  id)  o  [  ] 

Now  buildone  is  a  union,  over  which  we  can  distribute  null  to  obtain  buildoneonull  ~ 
member  o  [/id]  o  null  U  nonmember  o  [  ]  o  null.  In  addition,  one  branch  of  the  union 
goes  away  as  [/id]  o  null  always  fails.  Therefore,  we  have 


disjoint  =  r([hdOid  o  ( nonmember  o  [  ]  o  nu//)|//Did  o  id],  /id  o  null,  id)  o  v  o  yes, 
=  ir([/idOid o  (nonmember  o  [  ])jt/Oid],  hd o  null,  id)  o  w  o  yes. 

This  is  the  order  in  which  the  implemented  transformation  system  rewrites  the  original 
program.  The  mechanically  derived  program  for  disjoint  tests  for  nonmembership 
before  creating  large  structures.  When  the  two  lists  differ  at  their  first  components, 
the  remaining  components  need  not  be  tested.  For  two  lists  of  30  elements,  this 
program  is  approximately  100  times  faster  than  the  original. 

This  is  a  significant  speedup,  but  we  should  note  that  an  arbitrary  amount  of 
speedup  is  possible  with  the  converse  operator.  For  example  with  sequential,  left — 
to-right  AND.  the  cost  of  solving  X  (parent* )~  Y  is  much  greater  than  the  cost  of 
solving  A’  ( parent ')*  Y  for  a  large  family  tree  [15]. 


6.2  Eliminating  intermediate  lists 

Wadler  describes  a  deforestation  method  for  avoiding  intermediate  lists  [16].  He  ap¬ 
plies  it  to  a  program  to  compute  the  sum  of  squares  of  numbers  between  1  and  N.  The 
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method  uses  the  unfold-fold  method  on  recursive  equations  and  applies  to  determin¬ 
istic  programs.  Transformations  based  on  relation  algebras  extend  these  techniques 
to  nondeterministic  computations  in  a  verifiable  way. 

The  program  performs  just  three  main  steps.  The  program  constructs  a  sequence 
from  A'  to  1,  squares  every  number,  and  sums  the  sequence.  The  first  interesting 
observation  is  that  all  of  these  operations  are  described  by  the  r  operator. 


*([id|su61],  eqO  o  [  ],  id) o 
ir(id,  null,  sqrOid) o 
■x(id,null  ouo  egO,p/us). 

The  realization  for  a  Q-relation  algebra  requires  the  extra  relations  e<?0,  sufcl,  sqr ,  and 
plus.  These  have  the  obvious  definitions  except  that  eqO  is  just  the  single  pair  {0,0}. 

The  first  two  recursions  can  be  merged,  with  proposition  1,  and  the  sqr  operation 
can  be  brought  forward,  with  proposition  2,  to  obtain 

rr([s$r|su6l],eg0  o  [  ],  id)  o  ir(id,  null  ou  o  eq0,plus). 

Once  again  the  two  recursions  can  be  merged  to  obtain  the  result  ir([s?r|su61],  eq0,plus). 


7  Conclusion 


We  have  learned  that  the  Q-relation  algebras  form  a  firm  foundation  for  a  transforma¬ 
tion  oriented  programming  language.  The  abstract  relation  operators  are  appropriate 
for  describing  the  generic  constructs  that  often  arise  in  programming. 

We  h  ave  defined  a  model  independent  operator  j  that  describes  linear  recursions 
and  have  given  two  broadly  applicable  equations  that  merge  recursions  and  propagate 
constraints  They  provide  an  equationa!  method  for  reasoning  about  nondeterministic 
computations. 

The  system  based  on  these  equations  transforms  these  sample  programs  so  that 
the  result  is  essentially  a  different  algorithm.  This  implementation  shows  that  we  can 
in  some  cases  build  new  programs  on  previously  constructed  ones  without  the  usual 
efficiency  penalty  from  the  combination. 
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